Lucene search
K
I13websolutionThumbnail Slider With Lightbox

4 matches found

CVE
CVE
added 2023/10/27 11:28 a.m.67 views

CVE-2023-5820

The CVE-2023-5820 entry concerns the WordPress plugin Thumbnail Slider With Lightbox (version 1.0 and earlier). It describes a Cross-Site Request Forgery flaw caused by missing or incorrect nonce validation on the addedit action, enabling unauthenticated attackers to trick an admin into uploading...

9.6CVSS8.4AI score0.00317EPSS
CVE
CVE
added 2023/10/18 7:31 a.m.60 views

CVE-2023-5621

CVE-2023-5621 : The WordPress plugin Thumbnail Slider With Lightbox (versions ≤ 1.0) is vulnerable to a stored XSS via the Image Title field. The issue requires administrator-level access and affects multisite setups or sites with unfiltered_html disabled. The root cause is insufficient input san...

4.8CVSS4.9AI score0.004EPSS
CVE
CVE
added 2023/10/12 5:30 a.m.48 views

CVE-2023-5531

CVE-2023-5531 affects the WordPress plugin “Thumbnail Slider With Lightbox.” Wordfence reports CSRF via missing nonce validation on the delete functionality, enabling unauthenticated attackers to delete image lightboxes if a site admin is tricked. Affected versions are up to 1.0; remediation via ...

4.3CVSS4.6AI score0.00259EPSS
CVE
CVE
added 2025/10/29 9:27 a.m.11 views

CVE-2015-10146

CVE-2015-10146 affects the WordPress plugin Thumbnail Slider With Lightbox (plugin slug: wp-responsive-slider-with-lightbox). All versions up to and including 1.0.4 are vulnerable to SQL injection via the id parameter due to insufficient escaping and improper query construction. Exploitation requ...

4.9CVSS6.2AI score0.0027EPSS